d4ec4de92420c1aa86d94ab3a49fb6ad | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d4ec4de92420c1aa86d94ab3a49fb6ad
Size

85KB
MD5

d4ec4de92420c1aa86d94ab3a49fb6ad
SHA1

610244a90684824d7f735fb76e937c576632ed99
SHA256

e3f626e9cae5381efedca8d7a30535b95ae66b287464107db33a4e63a34360d6
SHA512

f7be4c75ccfaef07de21216c852ab4001d7f545a065fed574e5e328afe0173e472de6d2986e80dea9f0440d7bf43c9b0c9b8b84cee5eccd590dc84aec2353944
SSDEEP

1536:yZj8F/tOEZI4gx9s4HD/Lm1ReS0EpCMX/D3Ifj6sMnf87kRBN8MToN66sYcB7R:yp8HZpgx9s4HLKHeWpCwLIL7OPRBKMUM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4ec4de92420c1aa86d94ab3a49fb6ad

Files

d4ec4de92420c1aa86d94ab3a49fb6ad
.dll windows:4 windows x86 arch:x86

f579537dc49ac210a45476585b50c0a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
GetProcAddress
LoadLibraryA
GetModuleHandleA
VirtualProtect
FreeResource
SizeofResource
LockResource
LoadResource
FindResourceA
GetLastError
CreateMutexA
SetLastError
GetModuleFileNameA

msvcrt

sprintf
memcpy

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 490B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE